Recent vulnerabilities and exploits

NA
CVE-2019-19807

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer...

NA
CVE-2014-3536

CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration...

NA
CVE-2014-3701

eDeploy has tmp file race condition flaws...

NA
CVE-2014-8561

imagemagick 6.8.9.6 has remote DOS via infinite loop...

NA
CVE-2014-8650

python-requests-Kerberos through 0.5 does not handle mutual authentication...

NA
CVE-2014-3652

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL....

NA
CVE-2014-3643

jersey: XXE via parameter entities not disabled by the jersey SAX parser...

NA
CVE-2014-4913

ZF2014-03 has a potential cross site scripting vector in multiple view helpers...

NA
CVE-2014-3699

eDeploy has RCE via cPickle deserialization of untrusted data...

9.3
CVSSv2
CVE-2017-8565

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka...